import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class Example {
public static void main(String[] args) {
final String regex = "^<142>(?P<date>\\w+\\s+\\d+)\\s+(?P<time>[^ ]+)\\s+(?P<server>\\w+)\\s+(?P<process_name>[a-z]+)\\[(?P<process_number>\\d+)[^ \\n]* (?P<process_id>[^\\|]+)\\|(?P<message_id>[^\\|]+)\\|(?P<action>IRCPTACTION|VERDICT|UNTESTED|FIRED|SENDER|LOGICAL_IP|EHLO|MSG_SIZE|MSGID|SOURCE|SUBJECT|ORCPTS|TRACKERID|ATTACH|UNSCANNABLE|VIRUS|DELIVER|ACCEPT)(?:(?:(?<=ACCEPT|DELIVER|LOGICAL_IP)\\|(?P<src>[^:\\s]+)(?::(?P<port>[0-9]+))?(?:\\|(?P<to>[^\\s]+))?)|(?:(?<=FIRED|IRCPTACTION|ORCPTS|TRACKERID|UNTESTED|VERDICT)\\|(?P<recipient>[^\\s\\|]+)(?:\\|)?(?P<result>[a-z][^\\|\\s]+)?(?:\\|(?P<result_2>[a-z][^\\|]+))?(?:\\|(?P<result_3>.+))?)|(?:(?<=SENDER)\\|(?P<from>[^\\s]+))|(?:(?<=MSG_SIZE)\\|(?P<msg_size>\\w+))|(?:(?<=SUBJECT)\\|(?P<subject>.*))|(?:(?<=ATTACH)\\|(?P<attachment>.+))|(?:(?<=UNSCANNABLE)\\|(?P<reason>.+))|(?:(?<=VIRUS)\\|(?P<virus_name>.+))|(?:(?<=EHLO)\\|(?P<fqdn>.+)))?";
final String string = "<142>Sep 20 11:42:57 mailet25 ecelerity[27980]: 1470000077|d1a8001b-c3fff70000006d4c-e9-23158ffe73e|TRACKERID|local-user@domain.com|H4sIAAAAAAAAA3(...Large Hash...)Qgi8J7WY\n\n"
+ "<142>Sep 21 10:18:14 mailet25 bmserver[53347]: 1470000094|d1a8001b-c3fff70000006d4c-04-23296a3db01|VERDICT|local-user@domain.com|none|smg quarantine|default\n\n"
+ "<142>Sep 19 20:53:26 mailet25 bmserver[53347]: 1470000006|d1a8001b-c3fff70000006d4c-59-2308884a83b|VERDICT|local-user@domain.com|virus|default|virus: clean message (default)\n\n"
+ "<142>Sep 21 10:05:13 mailet25 bmserver[53347]: 1470000012|d1a8001b-c3bff70000006d4c-08-2329391cc5f|VIRUS|trojan.bayrob!g12\n\n"
+ "<142>Sep 21 09:12:38 mailet25 bmserver[53347]: 1470000057|d1a8001b-c3bff70000006d4c-9e-23287459b57|UNSCANNABLE|malformed_mime\n\n"
+ "<142>Sep 21 10:09:07 mailet25 bmserver[53347]: 1470000047|d1a8001b-c3bff70000006d4c-66-232948368ec|ATTACH|winmail.dat\n\n"
+ "<142>Sep 21 10:02:07 mailet25 bmserver[53347]: 1470000027|d1a8001b-c3fff70000006d4c-f5-23292ddb824|SUBJECT|Email mail subject\n\n"
+ "<142>Sep 21 09:55:51 mailet25 bmserver[53347]: 1470000050|d1a8001b-c3bff70000006d4c-e8-2329166bb24|MSG_SIZE|89730\n\n"
+ "<142>Sep 21 09:50:50 mailet25 bmserver[53347]: 1470000049|d1a8001b-c3bff70000006d4c-ed-232903915b4|EHLO|mail.senderdomain.com\n\n"
+ "<142>Sep 21 09:05:05 mailet25 bmserver[53347]: 1470000005|d1a8001b-c3fff70000006d4c-bd-232857b1bc1|LOGICAL_IP|10.10.10.10\n\n"
+ "<142>Sep 21 08:50:56 mailet25 ecelerity[27980]: 1470000055|d1a8001b-c3fff70000006d4c-01-232822f71da|SENDER|foreign-sender@otherdomain.com\n\n"
+ "<142>Sep 21 10:07:15 mailet25 ecelerity[27980]: 1474466835|d1a8001b-c3fff70000006d4c-b1-2329412d19a|ORCPTS|local-user@domain.com\n\n"
+ "<142>Sep 21 08:23:10 mailet25 bmserver[53347]: 1470000090|d1a8001b-c3bff70000006d4c-a2-2327badd653|UNTESTED|local-user@domain.com|has_urls|dz_document|unscannable_pmc|content_500|content_100|content_600|content_200|content_300|content_520|content_521|content_400|freq_va|freq_dha|freq_sa|connection_class_0|connection_class_1|connection_class_2|connection_class_3|connection_class_4|connection_class_5|connection_class_6|connection_class_7|connection_class_8|connection_class_9|blockedlang|knownlang\n\n"
+ "<142>Sep 20 13:44:12 mailet25 ecelerity[27980]: 1470000052|d1a8001b-c3fff70000006d4c-27-231756c7bb3|IRCPTACTION|<none>|msg_reject_other\n\n"
+ "<142>Sep 20 16:20:35 mailet25 ecelerity[27980]: 1470000035|d1a8001b-c3bff70000006d4c-4c-2319a1340a6|IRCPTACTION|local-user@domain.com|deliver\n\n"
+ "<142>Sep 20 13:44:13 mailet25 ecelerity[27980]: 1470000053|d10a8001b-c3abff70000006d4c-2e-231756df083|ACCEPT|10.10.10.10:61441\n\n"
+ "<142>Sep 20 13:44:10 mailet25 ecelerity[27980]: 1470000050|d1a8001b-c3bff70000006d4c-22-23175683fce|DELIVER|10.10.10.10:25|local-user@domain.com \n\n"
+ "<142>Sep 20 14:51:37 mailet25 bmserver[53347]: 140000097|d1a8001b-c3bff70000006d4c-cf-23185372e4b|SOURCE|external\n\n"
+ "<142>Sep 20 15:52:55 mailet25 bmserver[53347]: 1470000075|d1a8001b-c3fff70000006d4c-21-2319397d270|FIRED|local-user@domain.com|none\n\n"
+ "<142>Sep 20 16:16:20 mailet25 bmserver[53347]: 140000080|d1a8001b-c3bff70000006d4c-1c-23199123c15|VERDICT|local-user@domain.com|none|default|default\n\n"
+ "<142>Sep 20 16:15:30 mailet25 bmserver[53347]: 1470000030|d1a8001b-c3abff70000006d4c-e2-23a198e2c348|VERDICT|local-user@domain.com|sys_allow_email|smg quarantine|static allow email address\n";
final Pattern pattern = Pattern.compile(regex, Pattern.MULTILINE);
final Matcher matcher = pattern.matcher(string);
while (matcher.find()) {
System.out.println("Full match: " + matcher.group(0));
for (int i = 1; i <= matcher.groupCount(); i++) {
System.out.println("Group " + i + ": " + matcher.group(i));
}
}
}
}
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Java, please visit: https://docs.oracle.com/javase/7/docs/api/java/util/regex/Pattern.html